Introduction to the Compliance Module
Quick introduction to the module key capabilities
Compliance modules in eramba are used to explain to people how compliant your organisation is with any type of regulatory or contractual requirement.
The process starts by uploading free and open format (CSV based) compliance packages (PCI, ISO, NIST, SOC2, SOX, Etc). These are provided by us or made by you. You link them with other modules in eramba such as Internal Controls, Policies, Exceptions, Risks, Projects, etc. in order to explain to people how you comply with them.
This allows you to record how your organisation decided to deal with each requirement, making it easy to demonstrate to auditors how you meet the requirements by simply viewing the related items. If the auditor needs more details a shortcut provides you direct access to the related items.
Since every module has a status of its own you can tell how they are performing (Risks have reviews, Policies have reviews, Controls have Audits, etc.). This is how you can tell, not just what solution you have for each compliance requirement, but also if those solutions are working or not. The state of each solution item is displayed in the status column. Compliance requirement items inherit the status of their solutions making it pretty clear to know when something is ok or not.
This well proven approach uses different charts to show how well your organisation is complying with any set of requirements and how that has changed over time. Collecting reviews, audits, etc. using eramba’s built in notifications will ensure you have evidence ready for your auditors to review. It will also show when you do not have the evidence as well! You no longer need to review your compliance a month or two before the audit, the audits built in to eramba help ensure you are compliant throughout the year.
You can upload mappings in between compliance packages if you wish. Where requirements are the same for different compliance packages and these have a mapping between them eramba will automatically link the treatment you have recorded to both compliance items.
Once you complete your audits any finding can be tracked down in eramba along with the teams responsible, deadlines and affected compliance requirements. As with any module in eramba you can use filters, reports and notifications to collect status from teams across your organisation and ensure you never miss a deadline.
Playlist
- Episode 1Introduction to the Compliance Module16 mins left
- Episode 2Problem vs. Solution Principle14 mins left
- Episode 3Typical Compliance Questions4 mins left
- Episode 4Prerequisites2 mins left
- Episode 5Compliance Package Database2 mins left
- Episode 6Uploading Compliance Packages4 mins left
- Episode 7Mapping Compliance Packages4 mins left
- Episode 8Compliance Management Related Modules0 mins left
- Episode 9Configuring the Compliance Analysis Module1 min left
- Episode 10Mapping Solutions to Compliance Requirements24 mins left
- Episode 11Typical Filters: Compliance Analysis Module5 mins left
- Episode 12Typical Dynamic Statuses: Compliance Analysis Module6 mins left
- Episode 13Typical Reports: Compliance Analysis Module1 min left
- Episode 14Compliance Management Implementation Guidance3 mins left